4810 matches found
CVE-2026-43059
A flaw was found in the Linux kernel's Bluetooth Management MGMT component. This vulnerability arises from incorrect handling of pending commands within the Bluetooth subsystem's command completion processes. An attacker with local access could exploit this issue to trigger memory corruption and...
CVE-2026-43107
CVE-2026-43107 concerns the Linux kernel xfrm subsystem. The root cause is that xfrm_aevent_msgsize() did not reserve space for XFRMA_IF_ID, causing build_aevent() to fail with -EMSGSIZE and potentially trigger a kernel panic via a malformed netlink interaction when if_id is set. The fix uncondit...
CVE-2026-43107 xfrm: account XFRMA_IF_ID in aevent size calculation
In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...
CVE-2026-43086 ipvs: fix NULL deref in ip_vs_add_service error path
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix NULL deref in ipvsaddservice error path When ipvsbindscheduler succeeds in ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the outerr cleanup calls...
PT-2026-37580
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...
PT-2026-37587
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. 48.834439...
PT-2026-37417
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the xfrm component where the xfrm get ae function allocates a reply socket buffer skb using xfrm aevent msgsize, but the build aevent function may append additional...
Linux Distros Unpatched Vulnerability : CVE-2026-43107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the wave5 driver’s automatic suspension mode that enters a suspended state due to an excessive...
PT-2026-37569
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
PT-2026-37062
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description List corruption and Use-After-Free UAF issues exist in the Bluetooth MGMT command complete handlers. These issues stem from a change in the mgmt pending valid function, which validates a...
Exploit for CVE-2025-40271
🔴 CVE-2025-40271: Vulnerabilidad Crítica de Uso-After-Free en...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fixed a kernel panic that occurred when the reset attempt failed and was triggered again. In SRIOV configuration, the reset may fail to restore the ASIC to normal, but the cpsch function has already been called...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/cio: verify the driver availability for pathevent call If no driver is attached to a device or the driver does not provide the pathevent function, an FCES path-event on this device could end up in a kernel-panic. Verify the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check findfirstbit return value We must check the return value of findfirstbit before using the return value as an index array since it happens to overflow the array and then panic: 107.318430 Kernel BUG 1 107.3194...
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in the IPv6 module of the Linux kernel. The arg.result parameter was not used consistently in fib6rulelookup; sometimes rt6info was used, and other times fib6info. This issue was not accounted for in other parts of the code, where rt6info was expected to be used...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: Addition of exception protection handling for vd in the axichanhandleerr function. Since there is no protection for vd, a kernel panic will be triggered in exceptional cases. You can refer to the handling of the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: configfs: Fix a race condition in configfs,unregistersubsystem. When configfsregistersubsystem or configfsunregistersubsystem is executing linkgroup or unlinkgroup, it is possible that two processes add or delete elements from th...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2dioendiowrite estimates number of necessary transaction credits using ocfs2calcextendcredits. This however does not take into account that the IO cou...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fixed a kernel panic that occurred when removing a non-standard SDIO card. The SDIO tuple is only allocated for standard SDIO cards. Non-standard SDIO cards may cause memory corruption issues when removed. This occurs...